﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Configuration;
using System.Web.Util;
using System.Data.SqlClient;

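public partial class _Default : System.Web.UI.Page
{
    /// <summary>
    /// Page load handler. The login page needs no per-request initialisation.
    /// </summary>
    protected void Page_Load(object sender, EventArgs e)
    {

    }

    /// <summary>
    /// Login button handler: looks up the submitted user name in <c>funcionario</c>,
    /// compares the submitted password with the stored <c>clave</c>, and on success
    /// stores the person's name in the session and redirects to <c>inicio.aspx</c>.
    /// </summary>
    /// <remarks>
    /// The user name comes straight from a form field, so every query binds it as
    /// the <c>@usuario</c> parameter instead of concatenating it into the SQL text.
    /// The connection is wrapped in <c>using</c> so it is also released on the
    /// failed-login paths and when a query throws.
    /// </remarks>
    /// <param name="sender">Control that raised the click event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void Button1_Click(object sender, EventArgs e)
    {
        string nombre = TextBox3.Text;
        string key = TextBox4.Text;
        const string tipoU = "administrador";
        string nombreUsu;
        string tipoUsu;

        using (SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString))
        {
            con.Open();

            // Exactly one matching row is required; zero or duplicate rows are both rejected.
            int temp = Convert.ToInt32(ConsultarEscalar(con, "Select count(*) from funcionario where usuario = @usuario", nombre));
            if (temp != 1)
            {
                // NOTE(review): this message differs from the wrong-password one, which lets a
                // caller tell valid user names from invalid ones. Consider a single generic message.
                Label1.Text = "El usuario no existe";
                Label1.Visible = true;
                return;
            }

            // NOTE(review): the submitted password is compared directly with the `clave` column,
            // so the column appears to hold the password itself. Store a salted, slow hash
            // (e.g. PBKDF2) and verify against that instead.
            string claveUsu = ConsultarEscalar(con, "Select clave from funcionario where usuario = @usuario", nombre);

            // A NULL or empty stored password must never authenticate an empty submission.
            if (claveUsu.Length == 0 || !string.Equals(claveUsu, key, StringComparison.Ordinal))
            {
                Label1.Text = "Clave no valida";
                Label1.Visible = true;
                return;
            }

            tipoUsu = ConsultarEscalar(con, "Select tipo_usuario from funcionario where usuario = @usuario", nombre);
            nombreUsu = ConsultarEscalar(con, "select p.nombre from funcionario f, persona p where f.cod_persona=p.cod_persona and usuario = @usuario", nombre);
        }

        Session["New"] = nombreUsu;

        // If the user is an administrator, record the role as well.
        if (tipoUsu.Equals(tipoU))
        {
            // NOTE(review): Application state is shared by every session of the site, so this
            // value stays set for all users after one administrator signs in. If other pages
            // use Application["New"] for authorisation, move the role into Session. Kept as-is
            // here because pages outside this file may read it.
            Application["New"] = tipoUsu;
        }

        Response.Redirect("inicio.aspx");
    }

    /// <summary>
    /// Runs a single-value query with the user name bound as <c>@usuario</c>.
    /// </summary>
    /// <param name="con">Open connection to run the query on.</param>
    /// <param name="sql">SQL text containing the <c>@usuario</c> placeholder.</param>
    /// <param name="usuario">Value bound to <c>@usuario</c>.</param>
    /// <returns>The scalar result as a string, or an empty string when there is no row or the value is NULL.</returns>
    private static string ConsultarEscalar(SqlConnection con, string sql, string usuario)
    {
        using (SqlCommand cmd = new SqlCommand(sql, con))
        {
            cmd.Parameters.AddWithValue("@usuario", usuario);
            object valor = cmd.ExecuteScalar();
            return valor == null || valor == DBNull.Value ? string.Empty : valor.ToString();
        }
    }
}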
